Junior Web Application Penetration Test Consultant
Rapid Strategy is seeking a Junior level Web Application Penetration Test Consultant. We are hiring for both full and part-time consultants. Rapid Strategy is an award-winning African-American owned small business providing cybersecurity services to the private and public sector. Based in Charlotte, NC, we support our clients across the North Carolina and DMV area. You can learn more about Rapid Strategy at www.RapidStrategy.io. Part-time and 1099 roles are available as well.
Job Description:
Objective: The primary objective of the Web Application Penetration Tester is to simulate cyber attacks on web applications to identify security vulnerabilities before they can be exploited by malicious actors. This role involves a combination of analytical skills, technical expertise, and creativity to simulate real-world hacking scenarios.
Key Responsibilities:
- Conducting thorough penetration tests on web applications to identify vulnerabilities.
- Utilizing various penetration testing tools and methodologies to simulate cyber attacks.
- Analyzing web applications for weaknesses and vulnerabilities using manual and automated methods.
- Understanding and exploiting known web vulnerabilities such as SQL injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and others.
- Preparing detailed reports on findings and providing recommendations for security improvements.
- Collaborating with development teams to advise on security best practices.
- Keeping abreast of the latest cybersecurity threats and testing methodologies.
Required Skills and Qualifications:
- Bachelor’s degree in Computer Science, Information Security, or a related field.
- 1-3 Years of Experience in cybersecurity or a related field
- Industry certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or GIAC Web Application Penetration Tester (GWAPT).
- Basic understanding of web application technologies and protocols (HTTP/HTTPS, HTML, JavaScript, etc.).
- Comfortable using penetration testing tools like Burp Suite, OWASP ZAP, Metasploit, SQLMap, etc.
- Experience with known exploits and their mitigation.
- Ability to analyze and report on penetration testing outcomes effectively.
- Excellent problem-solving and analytical skills.
- Strong communication skills for collaboration with cross-functional teams.
Desirable Skills:
- Some experience with programming/scripting languages such as Python, JavaScript, or Ruby.
- Knowledge of network security and operating systems.
- Familiarity with cloud environments and container technologies.
This role may require working in diverse environments, ranging from remote work to on-site engagements with clients.